feat(deps): update dependency googleapis/mcp-toolbox to v1.5.0

[renovate-bot]

This PR contains the following updates:

Package	Update	Change
googleapis/mcp-toolbox	minor	1.2.0 → 1.5.0

---

Release Notes

googleapis/mcp-toolbox (googleapis/mcp-toolbox)

v1.5.0

Compare Source

Features

• auth/google: Require audience or clientId for mcpEnabled (#​3450) (59f7b6e)
• Enable per source level flags for sql commenter (#​3465) (ecce6b7)
• mcp: Add URL parameter binding for HTTP transport (#​3112) (0cc7b37)
• scylladb: Adding support for ScyllaDB source and tool (#​3119) (2dada83)
• server: Add support for toolset filtering in prebuilt CLI flag (#​3245) (7cc4f65)
• skills: Generate skills offline without live source connections (#​3388) (4c860b6)
• skills: Tolerate missing env vars during offline skills-generate (#​3399) (ea5d3e5)
• source/cloud-storage: Restrict bucket and local path access (#​3454) (2c3ca5d)
• tools/bigquery: Add per tool query label in BigQuery jobs (#​1975) (3f6a49f)
• tools/dataplex: Add tools to support metadata enrichment workflow (#​3270) (05289aa)
• tools/mysql: Add show-query-stats and list-all-locks tools for MySQL and Cloud SQL MySQL source (#​2954) (a9693bd)
• tools: Decouple tool initialization from sources (#​3355) (32a24e3)

Bug Fixes

• auth/dataplex: Fix failing source with service account credentials (#​3369) (ba4deef)
• bigquery: Wire maximumBytesBilled into prebuilt config (#​3385) (4abbf6e)
• Bound MCP HTTP body size (#​3216) (d4f4342)
• config: Add doc/line context to parse errors (#​2957) (4b097da)
• Escape delimiter characters in applyEscape to prevent SQL injection (#​2811) (932519a)
• npm: Source binary version from cmd/version.txt (#​3417) (6ffbdec)
• prebuilt/alloydb-omni: Require password env var explicitly (#​3398) (fcbe3e7)
• server: Fail if MCP auth is enabled together with enable-api (#​3435) (a6ff910)
• server: Return errors instead of panicking in InitializeConfigs (#​3397) (f48b01d)
• source/cloudhealthcare: Validate pageURL parameter to prevent SSRF (#​3453) (9abf47d)
• source/dataplex,source/datalineage: Specify cloud-platform scope for default credentials (#​3376) (13e8c36)
• source/http: Implement SSRF guard (#​3448) (24d7d29)
• tool/bigquery-execute-sql: Prevent dataset restriction bypass (#​3452) (ca6d5e3)
• tool/mysql-get-query-plan: Prevent query execution bypass and statement injection (#​3235) (7ed1e7b)
• tool/spanner-sql,tool/spanner-execute-sql: Use read-only annotations when readOnly is set (#​3338) (8bde0ec)

v1.4.0

Compare Source

Features

• ci: Add support for windows/arm64 binary distribution (#​3231) (10abf3b)
• datalineage: Add Data Lineage integration (#​3285) (19353c3)
• server: Ignore unknown tools at startup with --ignore-unknown-tools flag (#​3353) (5f0304f)
• tools/cloudsqlpg: Add remaining vector assist tools for Cloud SQL Postgres (#​3203) (b514cbd)
• tools/spanner-search-catalog: Implement search_catalog tool (#​3140) (defc086)

Bug Fixes

• auth/generic: Enforce issuer presence in opaque token validation (#​3360) (1d8df0d)
• auth: Separate Google and Generic MCP OAuth verification (#​3341) (dfd66ee)
• mcp: Support annotations and metadata within Tools to earlier MCP schemas (#​3300) (9a88c72)
• oracle: Remove trailing semicolons from prebuilt tools (#​3215) (fcad02d)
• server/auth: Centralize tool scopes validation (#​3335) (adce4ab)
• server: Return null id for batch request rejection (#​3333) (0b18d58)
• source/dataplex: Limit search results to pageSize (#​3323) (905c1f6), closes #​3308
• telemetry: Allow GCP project override (#​2960) (3c83ba5)
• tool/bigquery: Prevent allowedDatasets bypass in forecast query (#​3324) (45df461)
• tool/clickhouse: Handle ignored ProcessParameters error (#​3340) (ddfd887)
• tools/clickhouse,tools/bigquery: Validate identifier parameters to prevent injection (#​3219) (2f45f75)
• tools/looker: Escape filter values for unquoted parameters (#​3289) (1711156)

v1.3.0

Compare Source

Features

• auth: Implement MCP auth tool-level scopes validation (#​3049) (c528985)
• looker: Propagate client IP from incoming MCP requests to downstream SDK calls (#​3253) (75da6c2)
• Setup SQLCommenter and allow client metadata (#​3064) (9f1f9b3)
• tool/cloudsqladmin: Add cloud-sql-admin-execute-sql-many and cloud-sql-admin-sql-many (#​3083) (ef300a8)

Bug Fixes

• auth/generic: Fix generic auth expiration field and integration with authRequired (#​3251) (f4d16c0)
• Enforce toolset/promptset boundary on tools/call and prompts/get (#​3036) (c739b80)
• tools/http: Prevent path traversal and base path scope escape (#​3218) (80a6602)
• tools/looker: Return a 401 error to MCP client when Looker returns a 401 (#​3233) (4f409a3)
• tools/looker: Strip wrapping quotes from filter values for unquoted parameters (#​3273) (1e3de96)
• tools: Initialize query result slices to empty array (#​3250) (60ddf48)

---

Configuration

📅 Schedule: (UTC)

• Branch creation
  • At any time (no schedule defined)
• Automerge
  • At any time (no schedule defined)

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

BEGIN_COMMIT_OVERRIDE
feat: auth/google: Require audience or clientId for mcpEnabled (mcp-toolbox#​3450) (59f7b6e)
feat: Enable per source level flags for sql commenter (mcp-toolbox#​3465) (ecce6b7)
feat: mcp: Add URL parameter binding for HTTP transport (mcp-toolbox#​3112) (0cc7b37)
feat: scylladb: Adding support for ScyllaDB source and tool (mcp-toolbox#​3119) (2dada83)
feat: server: Add support for toolset filtering in prebuilt CLI flag (mcp-toolbox#​3245) (7cc4f65)
feat: skills: Generate skills offline without live source connections (mcp-toolbox#​3388) (4c860b6)
feat: skills: Tolerate missing env vars during offline skills-generate (mcp-toolbox#​3399) (ea5d3e5)
feat: tools: Decouple tool initialization from sources (mcp-toolbox#​3355) (32a24e3)
fix: auth/dataplex: Fix failing source with service account credentials (mcp-toolbox#​3369) (ba4deef)
fix: bigquery: Wire maximumBytesBilled into prebuilt config (mcp-toolbox#​3385) (4abbf6e)
fix: Bound MCP HTTP body size (mcp-toolbox#​3216) (d4f4342)
fix: config: Add doc/line context to parse errors (mcp-toolbox#​2957) (4b097da)
fix: Escape delimiter characters in applyEscape to prevent SQL injection (mcp-toolbox#​2811) (932519a)
fix: npm: Source binary version from cmd/version.txt (mcp-toolbox#​3417) (6ffbdec)
fix: prebuilt/alloydb-omni: Require password env var explicitly (mcp-toolbox#​3398) (fcbe3e7)
fix: server: Fail if MCP auth is enabled together with enable-api (mcp-toolbox#​3435) (a6ff910)
fix: server: Return errors instead of panicking in InitializeConfigs (mcp-toolbox#​3397) (f48b01d)
feat: ci: Add support for windows/arm64 binary distribution (mcp-toolbox#​3231) (10abf3b)
feat: datalineage: Add Data Lineage integration (mcp-toolbox#​3285) (19353c3)
feat: server: Ignore unknown tools at startup with --ignore-unknown-tools flag (mcp-toolbox#​3353) (5f0304f)
fix: auth/generic: Enforce issuer presence in opaque token validation (mcp-toolbox#​3360) (1d8df0d)
fix: auth: Separate Google and Generic MCP OAuth verification (mcp-toolbox#​3341) (dfd66ee)
fix: mcp: Support annotations and metadata within Tools to earlier MCP schemas (mcp-toolbox#​3300) (9a88c72)
fix: oracle: Remove trailing semicolons from prebuilt tools (mcp-toolbox#​3215) (fcad02d)
fix: server/auth: Centralize tool scopes validation (mcp-toolbox#​3335) (adce4ab)
fix: server: Return null id for batch request rejection (mcp-toolbox#​3333) (0b18d58)
fix: telemetry: Allow GCP project override (mcp-toolbox#​2960) (3c83ba5)
feat: auth: Implement MCP auth tool-level scopes validation (mcp-toolbox#​3049) (c528985)
feat: looker: Propagate client IP from incoming MCP requests to downstream SDK calls (mcp-toolbox#​3253) (75da6c2)
feat: Setup SQLCommenter and allow client metadata (mcp-toolbox#​3064) (9f1f9b3)
fix: auth/generic: Fix generic auth expiration field and integration with authRequired (mcp-toolbox#​3251) (f4d16c0)
fix: tools: Initialize query result slices to empty array (mcp-toolbox#​3250) (60ddf48)
END_COMMIT_OVERRIDE